<?php
/*
 * includes/config-page-old.php
 *
 * Displays Admin SSL configuration settings for WordPress pre-2.5
 *
 * Author: BCG
 *
 */
?>

<?php
	if(function_exists("current_user_can") && !current_user_can("level_10"))
		exit("Nice try");
	if(basename($_SERVER["SCRIPT_FILENAME"]) === basename(__FILE__))
		exit("You cannot access this page directly");
?>

<?php if(!empty($_POST)){ ?>
	<div id="message" class="<?php echo($error ? "error" : "updated") ?> fade"><p><strong><?php echo(_e($message)) ?></strong></p></div>
<?php } ?>

<div class="wrap">

	<h2><?php _e('Admin SSL Configuration'); ?></h2>

	<form action="" method="post" id="admin-ssl-config">

		<p>
			<label for="use_ssl">
				<input id="use_ssl" name="use_ssl" type="checkbox"<?php if($use_ssl) echo(' checked="checked"') ?> />
				Secure my site with SSL
			</label>
		</p>

		<p><b>PLEASE NOTE</b> that if you enable SSL and don't have a Private SSL certificate,
		<b>your site will be inaccessible</b>.</p>

		<?php if(!is_wpmu()){ # WPMU cannot support Shared SSL ?>

			<br/>

			<h3>Shared SSL</h3>

			<p>If you use Shared SSL, please check the box below and type the URL for your Shared SSL.</p>

			<p><b>PLEASE NOTE</b> that if you don't enter your Shared SSL details and don't have Private SSL,
			<b>your site will be inaccessible</b> if you enable SSL above.</p>

			<p>
				<label for="use_shared">
					<input id="use_shared" name="use_shared" type="checkbox"<?php if($use_shared) echo(' checked="checked"') ?> />
					Use Shared SSL
				</label>
			</p>

			<p>
				<input id="shared_url" name="shared_url" type="text" style="width: 95%" class="code"
					value="<?php echo($shared_url) ?><?php if($shared_url && strpos($shared_url,"wp-admin") === false) echo("/wp-admin/") ?>" />
				<br/>
				URL address of dashboard using Shared SSL (<b>must</b> end with '/wp-admin/')<br/><br/>
				Examples:<br />
				https://host_company.com/~your_username/blog/wp-admin/ <b>is</b> correct<br />
				https://host_company.com/~your_username/blog/some_folder/ is <b>not</b> correct
			</p>

		<?php } ?>

		<br/>

		<h3>Additional URLs</h3>

		<p>
			Admin SSL forces wp-login.php and wp-admin/profile.php to be secured (these are the pages on which
			you can enter a password).  When HTTPS is being used, wp-content/* and wp-includes/* are also secured.
			Here you can add other URLs to be secured by Admin SSL.
		</p>

		<p>
			One URL per line. Your blog URL is <?php echo(get_option("siteurl")) ?>/, so to secure
			<?php echo(get_option("siteurl")) ?>/some_page.php, add 'some_page.php'
			to the box below.  To secure all your admin URLs, add 'wp-admin/', etc.
		</p>

		<textarea id="additional_urls" name="additional_urls" cols="60" rows="10"
			style="width: 95%;" class="code"><?php if($additional_urls) echo($additional_urls) ?></textarea>

		<p>
			<b>Warning</b>: depending on how other plugins are written, this feature may not work properly
			on a Shared SSL setup.<br/>
			Attempting to secure a blog post or page <b>will</b> cause a redirection error.  Single posts and
			pages cannot be secured - to secure your entire blog, disable Admin SSL and change your blog
			URL on the 'Settings' page.
		</p>

		<p>
			<label for="secure_users_only">
				<input id="secure_users_only" name="secure_users_only" type="checkbox"
					<?php if($secure_users_only) echo(' checked="checked"') ?> />
				Secure additional URLs <b>only</b> if user is signed in
			</label>
		</p>

		<?php if(!is_wpmu()){ # options for WPMU must be on wpmu-admin.php ?>

			<br/>

			<h3>Other Settings</h3>

			<p>
				Show Admin SSL options under the following menu:<br/>
				<label for="parent_plugins">
					<input id="parent_plugins" name="config_parent" type="radio"
						value="plugins.php"<?php if($config_parent == "plugins.php") echo(' checked="checked"') ?>/>
					Plugins menu
				</label>
				<br/>
				<label for="parent_settings">
					<input id="parent_settings" name="config_parent" type="radio"
						value="options-general.php"<?php if($config_parent == "options-general.php") echo(' checked="checked"') ?>/>
					Options menu
				</label>
			</p>


			<p>
				HTTPS Detection:<br />

				<b>Warning</b>: Do <b>NOT</b> play with this feature, or you will cause endless redirection.
				<br/>
				If you need to use it, ensure that you enter the details correctly before saving the changes.

				<br/><br/>

				<input id="https_key" name="https_key" type="text" class="code"
					value="<?php echo($https_key) ?>" />
				<br/>
				<label for="https_key">The name of the HTTPS $_SERVER variable</label>

				<br/><br/>

				<input id="https_value" name="https_value" type="text" class="code"
					value="<?php echo($https_value) ?>" />
				<br/>
				<label for="https_value">The value of the HTTPS $_SERVER variable when HTTPS is ON</label>
			</p>

		<?php } ?>

		<p class="submit">
			<input type="submit" name="submit" value="<?php _e('Save Changes'); ?>" />
		</p>

	</form>

</div>